package com.cunshe.web.manage;

import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.cunshe.common.DictConsts;
import com.cunshe.common.ResponseVO;
import com.cunshe.common.WebConsts;
import com.cunshe.domain.User;
import com.cunshe.entity.vo.LoginVO;
import com.cunshe.service.UserService;
import com.cunshe.web.BaseController;
import com.google.gson.Gson;
import com.sunkee.commons.security.md5.PasswordEncoder;
import com.sunkee.commons.utils.DateUtils;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@Api(tags = "登录")
@RestController
@RequestMapping("")
public class LoginController extends BaseController {

    @Autowired
    private UserService userService;
    @Autowired
    private PasswordEncoder passwordEncoder;
    @Autowired
    private Gson gson;

    /** 登录 */
    @ApiOperation(value = "登录")
    @PostMapping(value = "login")
    public ResponseVO login(@RequestBody @Validated LoginVO vo){
        User user = userService.getUserByLoginid(vo.getLoginid());
        if(user == null){
            return ResponseVO.error(1, "账号或密码不存在");
        }
        String encode = passwordEncoder.encode(vo.getPassword());
        if(!user.getPassword().equals(encode)){
            return ResponseVO.error(1, "账号或密码错误");
        }
        if(user.getStatus() != DictConsts.STATUS_NORMAL){
            return ResponseVO.error(1, "账号已被禁用");
        }

        String token = JWT.create()
                .withExpiresAt(DateUtils.getNextDay(1))
                .withClaim("user", gson.toJson(user))
                .sign(Algorithm.HMAC256(WebConsts.JWT_SIGN));
        user.setToken(token);
        user.setPassword(null);
        return ResponseVO.success(user);
    }

    public static void main(String[] args) {
        Gson gson = new Gson();

        User user = User.builder()
                .id(1L)
                .loginid("admin123")
                .username("admin")
                .build();

        String token = JWT.create().withClaim("user", gson.toJson(user)).sign(Algorithm.HMAC256(WebConsts.JWT_SIGN));

        System.out.println(token);
        String str = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjoie1wiaWRcIjoxLFwidXNlcm5hbWVcIjpcImFkbWluXCIsXCJsb2dpbmlkXCI6XCJhZG1pbjEyM1wifSJ9.u90wCLnlmxP8Fh0ilDLX9wWnk9akkc9j-BQD2YctcYhQ";

        String json = JWT.decode(str).getClaim("user").asString();
        System.out.println(json);
    }

    /** dengchu */
    @ApiOperation(value = "dengchu")
    @PostMapping(value = "logout")
    public ResponseVO logout() {
        request.getSession().removeAttribute(WebConsts.USER_SESSION_ID);
        return ResponseVO.success();
    }

}
